Diego, > Hi to all, I'm experiencing some problems with Luna CA3 HSM with > OpenCA. Reading the mailing list archive, I've found a thread > ([Openca-Users] LunaCA3 problem) in which someone (Ricardo Costa) had > the same problem I have, i.e. this error message when I try to > generate the self signed CSR for the CA certificate: > > engine "LunaCA3" set. > unable to load Private Key > 28756:error:0D078079:asn1 encoding routines:ASN1_ITEM_EX_D2I:field > missing:tasn_dec.c:391:Field=iqmp, Type=RSA > 28756:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 > lib:d2i_pr.c:96:28756:error:0906700D:PEM > routines:PEM_ASN1_read_bio:ASN1 lib:pem_pkey.c:122:
First of all what version of OpenCA are you using ? CA3 works with 0.9.1 and 0.9.2.2 (but not 0.9.2.0 or 0.9.2.1). Second, can you use the tools provided by Chrysalis to talk to the CA3 ? I.e. multitoken. Third, can you use OpenSSL to "talk" to the CA3 ? I.e. using the engine parameter to create private keys etc. Chris... ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
